How to guard your self from faux airline Wi-Fi scams whereas touring

Earlier this 12 months, Australian police arrested a passenger for operating a malicious Wi-Fi community each at an airport and through a flight. The setup seemed identical to the airline’s personal Wi-Fi service, however it wasn’t. Instead, it was what cybersecurity researchers name an “evil twin,” a faux hotspot designed to trick individuals into handing over their credentials.

The concept is not new, however the setting is. For years, faux Wi-Fi networks have been a typical trick in cafes, lodges, and airports. What makes this case stand out is that the attacker took it to the skies, exploiting the rising reliance on in-flight Wi-Fi for leisure and web entry.

Sign up for my FREE CyberGuy Report
Get my finest tech suggestions, pressing safety alerts and unique offers delivered straight to your inbox. Plus, you’ll get prompt entry to my Ultimate Scam Survival Guide – free if you be a part of my CyberGuy.com publication.

What is an evil twin Wi-Fi assault?

An evil twin hotspot is a wi-fi community that impersonates a legit one by copying its identify, also referred to as the SSID. When a number of networks with the identical identify exist, your cellphone or laptop computer usually connects to the one with the stronger sign, which is normally the attacker’s.

Travelers examine their telephones whereas navigating delays and flight cancellations on the Austin-Bergstrom International Airport on July 19, 2024, in Austin, Texas. (Brandon Bell/Getty Images)

Once linked, victims are sometimes redirected to a faux login or touchdown web page. In this case, the malicious portal requested passengers’ e-mail addresses, passwords, and even social media credentials below the pretense of granting entry to the airline’s leisure system. The stolen info may then be used for account takeovers, identification theft, or additional assaults.

Why journey Wi-Fi is a main goal

Travel creates an ideal storm for these sorts of assaults. Whether you are in a lodge, airport, cruise ship or airplane, you usually have restricted decisions for getting on-line. Mobile information could also be patchy or costly, which pushes individuals towards the out there Wi-Fi networks. Because these companies really feel official and are tied to trusted manufacturers, vacationers are inclined to assume they’re secure and let their guard down when login requests pop up.

Another development provides to the chance. Travel suppliers are more and more transferring leisure and companies onto private units as an alternative of providing built-in choices. Airlines substitute seatback screens with streaming portals, cruise traces promote app-based companies and lodges direct friends to digital check-in platforms. All of those require a Wi-Fi connection, which suggests extra persons are logging on than ever earlier than.

QANTAS DATA BREACH EXPOSES MILLIONS OF CUSTOMER RECORDS

How hackers trick you with faux in-flight Wi-Fi

Here’s the way it labored within the Australian case. The attacker carried a transportable hotspot onboard and named it to match the airline’s official Wi-Fi community. Passengers, seeing the faux community with stronger sign power, linked mechanically. They have been then taken to a counterfeit login web page asking for private particulars.

A traveler awaits their delayed baggage after United Airlines grounded flights resulting from a tech outage at Newark Liberty International Airport in Newark, New Jersey, Aug. 6, 2025.  (REUTERS/Ryan Murphy)

On a flight, the implications are amplified. Passengers both give in and share information or lose entry to leisure for hours. The success fee of this assault is, fairly actually, sky-high.

YOUR DISCARDED LUGGAGE TAGS ARE WORTH MONEY TO SCAMMERS

Why you want a VPN for in-flight Wi-Fi safety

One of one of the best defenses in opposition to rogue Wi-Fi is a Virtual Private Network, or VPN. A VPN creates an encrypted tunnel between your system and the web, making it far more durable for attackers to intercept your information even for those who hook up with the mistaken hotspot.

There is a catch, although. In-flight Wi-Fi techniques usually require you to disable your VPN quickly to entry the onboard portal. Even then, a VPN stays an vital safeguard. Once you could have cleared the login web page and, in case you have paid, linked to the web, enabling your VPN ensures that any shopping, messaging, or app site visitors stays non-public.

For one of the best VPN software program, see my professional overview of one of the best VPNs for shopping the net privately in your Windows, Mac, Android and iOS units at CyberGuy.com.

9 suggestions for utilizing in-flight Wi-Fi safely

A VPN is vital, however it is not the one protection you need to depend on. Here are another methods to remain secure when connecting midair:

1) Install robust antivirus software program

Before you even take into consideration connecting to in-flight Wi-Fi, make sure that your system has a powerful antivirus put in. It’s your first line of protection in opposition to malicious websites and apps that attackers might attempt to push by means of faux portals. This safety also can provide you with a warning to phishing emails and ransomware scams, holding your private info and digital belongings secure.

Get my picks for one of the best 2025 antivirus safety winners on your Windows, Mac, Android and iOS units at CyberGuy.com.

James Garofalo of Colorado Springs is checking cellphone after his flight cancelation at Denver International Airport in Denver, Colorado, on Thursday, Dec. 22, 2022. (Hyoung Chang/The Denver Post)

2) Enable two-factor authentication (2FA)

Even if an attacker manages to steal your login credentials, 2FA can cease them from entering into your accounts. Use app-based authenticators quite than SMS codes every time doable, since they work offline and are more durable to intercept.

3) Turn off automated Wi-Fi connections

Most telephones and laptops are set to reconnect mechanically to acquainted networks. This makes it simpler for a faux hotspot with the identical identify to trick your system. Before you board, change off auto-connect and manually select the right airline Wi-Fi.

4) Use HTTPS in every single place

When shopping in-flight, examine for the padlock icon in your browser’s handle bar. HTTPS encrypts the connection between your system and the web site, making it more durable for attackers on public Wi-Fi to intercept your information.

5) Limit what you entry

Even with precautions, in-flight Wi-Fi needs to be handled as untrusted. Avoid logging in to delicate accounts like on-line banking or work techniques. Stick to mild shopping, streaming or messaging till you are again on a safe connection.

6) Keep your system up to date

Outdated working techniques and apps usually have safety holes attackers exploit. Before your journey, set up the newest updates in your cellphone, pill or laptop computer. Many updates embody safety patches that shield you in opposition to recognized vulnerabilities.

7) Use airplane mode with Wi-Fi solely

When doable, change your system to airplane mode after which allow solely Wi-Fi. This reduces publicity from different radios (like Bluetooth or mobile roaming) that attackers typically goal on flights.

8) Watch for phishing pop-ups and keep away from suspicious clicks

Some faux in-flight portals use pop-ups or redirects designed to trick you into getting into login particulars or clicking on malicious hyperlinks. If a web page asks for pointless info, like your full Social Security quantity, banking particulars or unrelated logins, deal with it as a purple flag. Close the web page instantly and don’t click on.

9) Log out after use

When the flight is over, signal out of the airline’s Wi-Fi portal and any accounts you accessed. This prevents session hijacking if the system retains tokens cached.

CLICK HERE TO GET THE FOX NEWS APP

Kurt’s key takeaway

The rise of evil twin assaults within the air is a reminder that comfort usually comes with hidden dangers. As airways push extra passengers towards in-flight Wi-Fi, attackers are discovering methods to take advantage of that dependency. Next time you fly, assume twice earlier than blindly connecting to the primary Wi-Fi community that pops up. Sometimes, the most secure alternative is to remain offline till you land.

Would you quite go a couple of hours offline than threat utilizing an untrusted hotspot midair? Let us know by writing to us at CyberGuy.com.

Sign up for my FREE CyberGuy Report
Get my finest tech suggestions, pressing safety alerts and unique offers delivered straight to your inbox. Plus, you’ll get prompt entry to my Ultimate Scam Survival Guide – free if you be a part of my CyberGuy.com publication.

Copyright 2025 CyberGuy.com.  All rights reserved.